PDA

View Full Version : infection by trojan "packed.delfCrypt"



jacqhanse
2010-03-19, 10:52
I have been infected by "packed.DelfCrypt" in windows/system32/cfgmgr3232.dll
Searching on internet, a message was posted trough Spybot forum that S&D could remove it.

Using the last version 1.6.2.46 and detection file dated 17 march, it was not found trough search all on my computer and therefore is still in forec.

is there a solution to get rid of it ? Do I need to deviate from the standard options of S&D ?

Thank you in advance

Matt
2010-03-19, 16:27
Hi jacqhanse,


I have been infected by "packed.DelfCrypt" in windows/system32/cfgmgr3232.dll
Searching on internet, a message was posted trough Spybot forum that S&D could remove it.

Using the last version 1.6.2.46 and detection file dated 17 march, it was not found trough search all on my computer and therefore is still in forec.

is there a solution to get rid of it ? Do I need to deviate from the standard options of S&D ?
I'll complile a new Malware list with detection rules for Team Spybot during this weekend and I'll add this file as well. :)

Spybot should be able to delete it with the next update. :bigthumb:

If you still have problems with Malware, I would like you to do that:


Please read this FAQ: "BEFORE you POST"(READ this Procedure BEFORE Requesting Assistance) (http://forums.spybot.info/showthread.php?t=288)

Then start your own thread in the Malware Removal Forum (http://forums.spybot.info/forumdisplay.php?f=22) and post your HijackThis logfile. An analyst will advise you as soon as available.

MisterW
2010-03-19, 20:04
Hello,
even as Matt is collecting this file for his new OpenSBI detection it is quite not sure that it will become part of one of the next updates because all OpenSBI detection rules need a long quality assurence and revision of a real detective of the team spybot.

In order to help you promptly I would suggest to start a topic in the malware removal section as matt already said.

Best regards,
Markus
Team Spybot

Matt
2010-03-19, 22:54
@ MisterW:


even as Matt is collecting this file for his new OpenSBI detection it is quite not sure that it will become part of one of the next updates because all OpenSBI detection rules need a long quality assurence and revision of a real detective of the team spybot.

In order to help you promptly I would suggest to start a topic in the malware removal section as matt already said.
Thank you for clarifying the situation. :bow:



@ jacqhanse:
Happy safe surfing for the future. :bigthumb:
Take care.